Forms authentication...

[Paul Mason]

Hi folks,

An odd one for the start of this week.

I have a web project that I have taken over from a colleague. He had the
authentication set to windows, but I have now changed that to forms
authentication by putting the following xml in we.config :

<authentication mode="Forms">


<forms name="TICookie"

loginUrl="logon.aspx"

protection="All"

timeout="10"

path="/"

requireSSL="false"

slidingExpiration="true">

</forms>

</authentication>

Unfortunately it isn't working. When I display my initial page
(imaginativelly called default.aspx!) I expect it to re-direct to
logon.aspx, but it doesn't. If I select the logon page manually (from a
menu) I can connect and authenticate fine.

I don't have a general problem with forms authentication. It works fine on
a number of other systems. This is the first time I've changed the
authentication method of a project, so I'm not sure if I've missed
something.

I've tried restarting IIS, but I haven't resorted to rebuilding the project
yet.

Any ideas?

Cheers...P

 

[Karl Seguin]

Paul, perhaps a sily question, but do you have the <authorization> set?

<authorization>
<deny users="?" />
</authorization>

the protection="All" in formsAuthentication is for how the cookie should be
encrypted on the user's browser...not to say which pages (all) should be
protected...

Karl

 

[Paul Mason]

Hi,

Yes...it's set to * at the moment. There are no <deny users>.

Cheers...P

 

[Karl Seguin]

Paul
could you clarify this? are you saying you don' thave any <deny>'s in there?
What's set to * ? the allow? the deny?

karl